C:\Users\28718\Documents\GitHub\DcRat\Binaries\Release\DcRat.pdb
Behavioral task
behavioral1
Sample
c73b1ffa39c5843b2ed951ac48350d1deb33db4057341f1dab1ee64ea1a62248.exe
Resource
win7-20240903-en
General
Target: JaffaCakes118_08947cdc6692c6b0a8af2c32e272fbf15ed6a456e1787bc33a7e8cbebc50ce32
Size: 4.7MB
MD5: fd33b25a7f6475e90f1d480944448db5
SHA1: a43ad473b5b2a838b2d230dda3e79ae63a1e655c
SHA256: 08947cdc6692c6b0a8af2c32e272fbf15ed6a456e1787bc33a7e8cbebc50ce32
SHA512: 074e69e4d7d123b2446d05e02a633f6669951b8cc74584d1472127cc5693d60588a66c424c6bce46a988064824eba77d5fd909ba9175b23a8cc332f98682acad
SSDEEP: 98304:cBtGZoZWqcq+ew2/W6w6F+75eIE/GuW2OIY+QIWR7O:crCkWN7e5/VF+AV+8y7O
Malware Config
Signatures
Asyncrat family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/c73b1ffa39c5843b2ed951ac48350d1deb33db4057341f1dab1ee64ea1a62248
Files
JaffaCakes118_08947cdc6692c6b0a8af2c32e272fbf15ed6a456e1787bc33a7e8cbebc50ce32.zip
c73b1ffa39c5843b2ed951ac48350d1deb33db4057341f1dab1ee64ea1a62248.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 12.2MB - Virtual size: 12.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ